Burp Extensions & Tips

Extensions

• JS Link Finder by InitRoot
• Upload Scanner by Tobias ‘floyd’ Ospelt
• Auth Analyzer by Simon Reinhart
• Turbo Intruder by James Kettle
• HTTP Request Smuggler by James Kettle

• AWS Security Checks

• xnl-h4ck3r/auto-repeater

• /xnl-h4ck3r/GAP

• graphquail

• BurpSuiteSharpener

• DNS-Analyzer

• PyCript

• ParaForge

• SSRFmap

• burp-vps-proxy

• JSpector

• ReconAIzer

• Container proxy for 🦊 Firefox

• BurpBounty

Tips

[6 Burp Suite Tips & Tricks](https://taksec.medium.com/6-burp-suite-tips-tricks-60592cf843ba)

[Reflected XSS into HTML context with nothing encoded](https://systemweakness.com/reflected-xss-into-html-context-with-nothing-encoded-4789a7e973ba?source=rss----f20a9840e177---4)